Skip to main content
GET
List every API key in the authenticated workspace, ordered newest first. The response is a JSON array (not an object). Revoked keys are included with revoked_at set, so you can render a complete audit view. Raw token secrets are never returned.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Response

The workspace's API keys, ordered by created_at descending.

id
string

Unique identifier for the key (a UUID). Use it as the {id} path segment for Retrieve, Update, and Delete.

Example:

"9b7e2c1a-4f3d-4a2b-8c1e-2d6f5a0b7c34"

name
string

The human-readable label set at creation or via Update.

Example:

"production-pipeline"

created_at
string<date-time>

When the key was created (RFC 3339, UTC).

Example:

"2026-05-14T17:02:11Z"

expires_at
string<date-time>

When the key expires. Omitted entirely if the key never expires.

Example:

"2026-12-31T23:59:59Z"

revoked_at
string<date-time>

When the key was revoked. Omitted entirely while the key is active.

Example:

"2026-04-20T12:00:00Z"